GoFuckYourself.com - Adult Webmaster Forum

GoFuckYourself.com - Adult Webmaster Forum (https://gfy.com/index.php)
-   Fucking Around & Business Discussion (https://gfy.com/forumdisplay.php?f=26)
-   -   Tech Form to sendmail dynamic email? (https://gfy.com/showthread.php?t=1359743)

Publisher Bucks 11-30-2022 07:35 PM
Form to sendmail dynamic email?
 
I have a form that I'm using that currently works well using the following sendmail.php file:

Quote:
<?php
if(isset($_POST['email'])) {

// EDIT THE 2 LINES BELOW AS REQUIRED
$email_to = "[email protected]";
$email_subject = "Subject";

}

// validation expected data exists
if(!isset($_POST['name']) ||
!isset($_POST['email']) ||
!isset($_POST['phone']) ||
!isset($_POST['page']) ||
!isset($_POST['message'])) {
}

$name = $_POST['name']; // required
$phone = $_POST['phone']; // required
$email = $_POST['email']; // required
$page = $_POST['page']; // required
$message = $_POST['message']; // required

$email_message = "Form details below.\n\n";

function clean_string($string) {
$bad = array("content-type","bcc:","to:","cc:","href");
return str_replace($bad,"",$string);
}

$email_message .= "name: ".clean_string($name)."\n";
$email_message .= "phone: ".clean_string($phone)."\n";
$email_message .= "email: ".clean_string($email)."\n";
$email_message .= "page: ".clean_string($page)."\n";
$email_message .= "message: ".clean_string($message)."\n";

// create email headers
$headers = 'From: '.$email_from."\r\n".
'Reply-To: '.$email_from."\r\n" .
'X-Mailer: PHP/' . phpversion();
@mail($email_to, $email_subject, $email_message, $headers);
?>
My question is this, how would I go about changing the above to dynamically change the $email_to field of the script?

What I'd like to be able to do is have a form on a page (with a unique id assigned to it) that will pull the user who uploaded the document to the databases registered email and, when the html form is filled out, it sends the email to them directly, without having to type their email address in the html form itself, does that make sense?

So if John submitted a document that is available on documents.php?id=123 it pulls his email from the registered user database (via the array if possible) and prefills the form (with a hidden field) so all my proofer has to do is fill out the message field and hit submit.

This is the current form HTML I'm using:

Quote:
<form action="https://www.domain.com/sendmail.php" method="post" class="wpcf7-form" novalidate="novalidate">
<input type="hidden" name="page" value="about"/>
<div style="display: none;">
</div>
<p>Your Name (required)<br/>
<span class="wpcf7-form-control-wrap your-name"><input type="text" name="name" value="" size="40" class="wpcf7-form-control wpcf7-text wpcf7-validates-as-required" aria-required="true" aria-invalid="false"/></span> </p>
<p>Your Phone (required)<br/>
<span class="wpcf7-form-control-wrap your-email"><input type="email" name="phone" value="" size="40" class="wpcf7-form-control wpcf7-text wpcf7-email wpcf7-validates-as-required wpcf7-validates-as-email" aria-required="true" aria-invalid="false"/></span> </p>
<p>Your Email (required)<br/>
<span class="wpcf7-form-control-wrap your-email"><input type="email" name="email" value="" size="40" class="wpcf7-form-control wpcf7-text wpcf7-email wpcf7-validates-as-required wpcf7-validates-as-email" aria-required="true" aria-invalid="false"/></span> </p>
<p>Your Message<br/>
<span class="wpcf7-form-control-wrap your-message"><textarea name="message" cols="40" rows="10" class="wpcf7-form-control wpcf7-textarea" aria-invalid="false"></textarea></span> </p>
<p>&nbsp;<br>
<input type="submit" value="Send" class="wpcf7-form-control wpcf7-submit"/></p>
<div class="wpcf7-response-output wpcf7-display-none"></div></form>
Is this even possible to do? :helpme

zijlstravideo 12-01-2022 03:26 PM
Instead of using POST through a form to insert the user's email, you'll just get it from the database instead.

Check if user is logged in. If so, get the user's email from the database and set the variable.

You don't have to submit the email address (HTTP POST) using the form page, but rather verify and add the user's email address on the sendemail.php page. This will also prevent anyone who isn't logged in to the website, from sending a POST request to that link directly.

If you do the email address validation part on the form page, someone can just bypass the whole form page by making a direct POST request to the sendemail.php file directly (and abuse it to send spam).

Also, the code for your sendemail.php page isn't secure... at all!

fuzebox 12-01-2022 06:34 PM
The questions are getting more and more basic.

plsureking 12-01-2022 09:24 PM
Quote:
Originally Posted by fuzebox (Post 23068101)
The questions are getting more and more basic.
people keep answering this :clown so he keeps posting here instead of googling.

:fart

#

brassmonkey 12-02-2022 03:44 AM
my post was erased LOL

Publisher Bucks 12-03-2022 11:52 AM
Quote:
Originally Posted by zijlstravideo (Post 23068043)
Also, the code for your sendemail.php page isn't secure... at all!
Yeah it isnt live yet, im just working on getting the basics setup, thank you ,thats exactly the info i was looking for too :thumbsup


All times are GMT -7. The time now is 08:37 AM.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc